Finishing Configuration of Access Server

Now that you’ve installed OpenVPN Access Server, what’s next?

Find the URLs for your web server

When you complete the installation process on the command line, you will find the URLs for your admin UI and client UI. If you follow another installation flow, you may see the URL mentioned elsewhere.

urls for access server what do they mean

What does this mean?

Admin UI

The Admin UI is the web-based GUI for managing your OpenVPN Access Server. We also refer to it as the Admin Web UI. Typically, it is the address of your server with /admin/ appended, for example

When you login to the Admin Web UI, this is where you can manage the configuration, certificate, users, and so on as an administrative user. The web-based GUI provides simplified management of complex VPN features rather than having to run Linux-based commands and scripts.

Client UI

The Client UI is the web-based GUI for users to login and download clients or configuration files. Typically, it is the address of your server, as an example.

When a user logs in here with the credentials as setup in the Admin Web UI, they can download pre-configured Connect Clients for Windows and macOS. There will also be links to the Linux, Android, and iOS client programs. You can also find a configuration profile to import into an already installed client.

access server client ui

NOTE: The web services by default actually run on port TCP 943, so you can visit them at and as well. The OpenVPN TCP daemon that runs on TCP port 443 redirects incoming browser requests so that it is slightly easier for users to open the web interface by leaving the :943 part out.

First time logging into Admin Web UI

Administrative User

For the first use of the Admin Web UI, a single administrative user is initially added to the system. However, this user does not have a password set. In order to login, you must first run the following command on your server in order to set that:

passwd openvpn

Once you’ve set your administrative user’s password, you can now open a browser and enter your Admin Web UI address.

Invalid Certificate

OpenVPN Access Server comes with a self-signed certificate. This allows you to login to the Admin Web UI right away and add your own SSL certificate through the GUI, rather than needing to do it using the Linux command line. However, because of this, your browser will give you an error message when you first go to the Admin Web UI or Client UI addresses.

By clicking through to continue to the site, you can continue to the web interface. At the login screen, you can enter the username and password for your ‘openvpn’ user.


Setting up authentication

Authentication with Local, RADIUS, LDAP, or PAM

Once logged in to the Admin Web UI, you can select which authentication system to use: Local, PAM, RADIUS, or LDAP.

access server authentication

The default is Local. Under User Management, you can add users and define their permissions at the user, group, and global level. You can also integrate with an external system using RADIUS or LDAP. For example, you can set up a connection to an LDAP connector to integrate with Windows Server Active Directory.

If you manage a limited number of users, we recommend using the Local authentication. Within the User Permissions screen, you can add/remove users, set passwords, and define access control rules.

access server user permissions guide

For more information about configuring specific functions, you might find some of these links helpful:

OpenVPN Access Server User Manual

Resource Center

Hardening Security